Security

• Kubernetes
• KQL
• AZ-104
• AZ-500
• CompTIA Security+
• Sentinel
• Snyk CTF 2022
• SQL Server Authentication
• Security Training & Certification
• [[Zero Trust
• Microsoft Entra ID
• Supply Chain Security

Tools

• https://dfir.blog/unfurl/
• OWASP Nettacker | OWASP Foundation
• Homepage - Maltego
• WhatsMyName Web
• ReadThenBurn
• WiGLE: Wireless Network Mapping
• crt.sh | Certificate Search
• GreyNoise Visualizer
• LearningKijo (Kijo)
• Snort - Network Intrusion Detection & Prevention System
• HackmichNet/AzTokenFinder
• badssl.com
• https://sigmahq.io/
• https://github.com/synacktiv/nord-stream - Nord Stream is a tool that allows you extract secrets stored inside CI/CD environments by deploying malicious pipelines.
• Axonius
• Seedata.io - deception platform
• Mandiant capa - capa detects capabilities in executable files
• DNS Dumpster - passive DNS

Training

• Snyk Learn - Trusted Developer Security Training | Snyk
• ISC(2) Skill Builders
• juice-shop/juice-shop: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
• Free developer security education lessons | Snyk Learn

Misc

• Secret Management
• BinaryEdge
• digininja/DVWA: Damn Vulnerable Web Application (DVWA)
• ONYPHE | Attack Surface Management & Cyber Defense Search Engine
• How to Conduct Person of Interest Investigations Using OSINT & Maltego - Maltego
• Persistence via App Registration in Entra ID
• Cloudflare Radar
• tomwechsler/Microsoft_Cloud_Security: Everything about Microsoft Cloud Security!
• Implement Microsoft Sentinel and Microsoft 365 Defender for Zero Trust | Microsoft Learn
• [Google Online Security Blog: Announcing the deps.dev API: critical dependency data for secure supply chains](https://security.googleblog.com/2023/04/announcing-depsdev-api-critical.html
• How to refresh Azure Identity Governance access packages after renaming Azure Active Directory groups – Medium
• Threat Modelling
• Threat Intelligence
• Titan in depth: Security in plaintext | Google Cloud Blog
• When MFA is not enough: 5 easy and essential steps for hardening our identities
• Cloud native Data Loss Prevention | The future of data security
• (ISC)² InfoSecurity Professional
• (ISC)² News and Insights
• Recognizing & Rewarding Security Champions – We Hack Purple
• Motivating Jenny: Developer Security Toolkit
• Security Driven .NET
• Social Engineering Kill–Chain: Predicting, Minimizing & Disrupting Attack Verticals
• Running DAST in a CI/CD, Successfully
• PentesterLab: Learn Web Penetration Testing: The Right Way
• Crash-only software: More than meets the eye [LWN.net]
• Google Online Security Blog: Capslock: What is your code really capable of?
• Connect Microsoft Sentinel to STIX/TAXII threat intelligence feeds
• Secrets Management - OWASP Cheat Sheet Series
• Cloudflare Radar
• OWASP WrongSecrets | OWASP Foundation
• Deploying ASP.NET Core applications to Kubernetes
• NCSC’s cyber security training for staff now available - NCSC.GOV.UK
• Secure SDLC | Secure Software Development Life Cycle | Snyk
• Connect, secure, and simplify your network resources with Azure Virtual Network Manager | Azure Blog and Updates | Microsoft Azure
• Hardening Windows Clients with Microsoft Intune and Defender for Endpoint - Microsoft Community Hub
• Ship-It safely with GitHub Advanced Security
• Security Certification Roadmap - Paul Jerimy Media
• OWASP AI Security and Privacy Guide | OWASP Foundation
• AI-powered Bing Chat spills its secrets via prompt injection attack [Updated] | Ars Technica
• Daniel Kelley: Top 30 Cybersecurity Posts Swipe File
• CC Study Group - (ISC)² Community
• Security logging and monitoring failures
• Microsoft Certified: Cybersecurity Architect Expert - Certifications | Microsoft Docs
• Microsoft Entra Verified ID now generally available - Microsoft Tech Community
• How to use MITRE’s Top ATT&CK Techniques tool — MITRE tools for Threat Informed Defense | by Andre Camillo | Microsoft Azure | Aug, 2022 | Medium
• Log Management Fundamentals for Cybersecurity Engineers | by Andre Camillo | Microsoft Azure | Jul, 2022 | Medium
• OWASP API Top 10 Vulnerabilities and How to Prevent Them
• JWT attacks | Web Security Academy
• Social Engineering Kill–Chain: Predicting, Minimizing & Disrupting Attack Verticals
• Kali Linux Desktop on Windows Subsystem for Linux - CodeProject
• NeuraLegion/sectester-js-demo: This is a demo project for the SecTester JS SDK framework, with some installation and usage examples
• 0-Day Clothing: T-Shirts for Hackers, Engineers & Geeks
• Cyberseek
• Diffie-hellman key exchange (video) | Khan Academy
• MITRE ATT&CK®
• D3FEND Matrix | MITRE D3FEND™
• MITRE Engage™ | An Adversary Engagement Framework from MITRE
• Microsoft Security Immersion Workshop Secure Hybrid Cloud
• ReadThenBurn
• How to leverage full cloud adoption in payments
• Navigating the Cloud Maze:Protecting Your Workloads in a Multi-Cloud Environment
• The Digital Bank: Build a data-driven customer experience on the open lakehouse
• OWASP Membership Information & Benefits | OWASP Foundation
• Persistence via App Registration in Entra ID
• Home - (ISC)² Community
• Hacking JWT Tokens: The None Algorithm | by Shivam Bathla | Pentester Academy Blog
• OAuth 2.0 and OpenID Connect (in plain English) - YouTube
• Inside the Mind of an APT
• Working with the Azure AD entitlement management API - Microsoft Graph v1.0 | Microsoft Learn
• Public Preview: GitHub Advanced Security for Azure DevOps | Azure updates | Microsoft Azure
• Public Preview: GitHub Advanced Security for Azure DevOps | Azure updates | Microsoft Azure
• Working with the Azure AD entitlement management API - Microsoft Graph v1.0 | Microsoft Learn
• New! AI-Driven Adaptive Learning for CCSP from (ISC)²
• Untangling Azure Active Directory Principals & Access Permissions · csandker.io
• Banking Security: Safeguarding your Data from external and internal threats
• Learn about Windows security baselines you can deploy with Microsoft Intune | Microsoft Learn
• Hunted | All 4
• Free: Dastardly from Burp Suite | Blog - PortSwigger
• The Sleuth Kit
• vulhub/vulhub: Pre-Built Vulnerable Environments Based on Docker-Compose
• Protective Domain Name Service (PDNS) - NCSC.GOV.UK
• A Realistic Look at Implications of ChatGPT for Cybercrime
• Thread by @_wald0 on Thread Reader App – Thread Reader App
• The DEF CON® Media Server - Archives of the conferences
• Bug Alert
• The Hidden Complexity of Vulnerability Remediation | Cyentia
• Why is Signal asking users to set a PIN, or “A few thoughts on Secure Value Recovery” – A Few Thoughts on Cryptographic Engineering
• Gandalf | Lakera – Test your prompting skills to make Gandalf reveal secret information.
• Security Industry 101: A ‘Crash Course’ for Security Newbies
• Understand just-in-time virtual machine access - Microsoft Defender for Cloud | Microsoft Learn
• Enable just-in-time access on VMs - Microsoft Defender for Cloud | Microsoft Learn
• Enable infrastructure encryption for double encryption of data - Azure Storage | Microsoft Learn
• What is Azure attribute-based access control (Azure ABAC)? | Microsoft Learn
• How Azure AD Password Protection Identifies a “Bad” Password
• Ctrl+Alt+Azure | 203 - PIM, PAM and PAW - what and how in Azure?
• UK InfoSec Community - start.me
• Web Security Academy: Free Online Training from PortSwigger
• The Guide to Azure Network Security Group | CloudBolt Software
• Access Managed Identity from container inside VM - Azure - GeralexGR
• Infracost: The cloud’s checkout screen | Infracost
• Snyk | AI Hallucinations & Manipulation: How to Use AI Coding Tools Securely
• Phoenix Security - FIX Vulnerability with context from appsec to cloud security
• Password protection in Microsoft Entra ID - Microsoft Entra | Microsoft Learn
• Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token | MSRC Blog | Microsoft Security Response Center
• Public preview of Workload identity federation for Azure Pipelines - Azure DevOps Blog
• Leading and growing a successful cybersecurity team: Where science meets art - SASIG
• SigmaHQ/sigma-specification: Sigma rule specification
• GitHub - gchq/CyberChef: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
• ATT&CK® Navigator
• openappsec/waf-comparison-project: Testing datasets and tools to compare WAF efficacy
• Microsoft Defender for Identity entity tags in Microsoft 365 Defender | Microsoft Learn
• Tide helps small businesses do business securely with Wiz | Wiz
• AppSec Fundamentals
• Best Practices for Developer-Centric Application Security Testing - Bright Security
• Entro-secret-protection-White-paper-entro.pdf
• How You Should Not Remediate Your Hardcoded Secrets
• mTLS: When certificate authentication is done wrong - The GitHub Blog
• Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
• Considerations for Securing your Applications - Microsoft Industry Blogs - United Kingdom
• nettitude/Aladdin
• OWASP Top 10 CI/CD Security Risks | OWASP Foundation
• Announcing Microsoft Authentication Library for .NET 4.54.0, with General Availability of Managed Identity APIs | Microsoft Entra Identity Developer Blog
• Inside the Microsoft Cyber Defence Operations Centre | Microsoft
• Interactive Online Malware Analysis Sandbox - ANY.RUN
• Cyber Security Course & Training | Cyber warfare Labs
• Google Online Security Blog: Announcing the deps.dev API: critical dependency data for secure supply chains
• How to refresh Azure Identity Governance access packages after renaming Azure Active Directory groups – Medium
• Titan in depth: Security in plaintext | Google Cloud Blog
• When MFA is not enough: 5 easy and essential steps for hardening our identities
• Cloud native Data Loss Prevention | The future of data security
• Snort - Network Intrusion Detection & Prevention System
• (ISC)² News and Insights
• OWASP Juice Shop | OWASP Foundation
• Free developer security education lessons | Snyk Learn
• (ISC)² InfoSecurity Professional
• Security Driven .NET
• Homepage - Maltego
• OWASP Nettacker | OWASP Foundation
• Motivating Jenny: Developer Security Toolkit
• Recognizing & Rewarding Security Champions – We Hack Purple
• WhatsMyName Web
• PentesterLab: Learn Web Penetration Testing: The Right Way
• Course SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals
• Running DAST in a CI/CD, Successfully
• Juice Shop - Insecure Web Application for Training | OWASP
• Are You Ready for Test Day? - Get Certified Get Ahead
• CompTIA Security+ (SY0-601) Path | Pluralsight
• HackmichNet/AzTokenFinder
• badssl.com
• crt.sh | Certificate Search
• GRC | ValiDrive
• Security BSides London - YouTube
• HAR Sanitizer
• Analyzing Sensitive Data: Privacy, Ethics, and Security Considerations
• 37C3: Unlocked - media.ccc.de
• Microsoft Webinar: Power Platform – Security, Governance & Adoption | Watch Now
• Redefining Digital Personalization with CIAM
• Goodbye, Passwords. Hello, Passkeys!
• HSMs Decoded: A Complete Guide to Hardware Security Modules and Their Deployment
• JSON Web Token (JWTs) are Dangerous
• ​​Microsoft Azure Innovation Forum: Drive application innovation at scale with cloud-native architectures ​ | Watch Now
• Business Email Compromise: How AI Has Changed the Playing Field
• Microsoft OneDrive and Teams: Harden Your M365 Applications
• Quick Wins I OWASP Top Ten for .NET Developers in 30 Minutes - YouTube
• Infosec/hacking videos recorded by Cooper (@Ministraitor)
• InfoCon Hacking and Security Conference Archives
• Dread (forum) - Wikipedia
• I Will IDOR Myself In - Vangelis Stykas - YouTube
• Announcing .NET Chiseled Containers - .NET Blog
• New Microsoft Incident Response team guide shares best practices for security teams and leaders | Microsoft Security Blog
• secmerc/materialize-threats
• Advent of Cyber 2023
• rmbolger/Posh-ACME: PowerShell module and ACME client to create certificates from Let’s Encrypt (or other ACME CA)
• Microsoft Intune Suite - Endpoint Privilege Management Elevation Settings - YouTube
• Learn about using Endpoint Privilege Management with Microsoft Intune | Microsoft Learn
• Beyond the Code / SBOM: Supply Chain Security
• Integrate security into your developer workflow with GitHub Advanced Security for Azure DevOps - Azure DevOps Blog
• DevOps Security Workbook - Microsoft Community Hub
• Policy Conflict in Bitlocker policy : r/Intune
• Troubleshoot access, permission issues - Azure DevOps | Microsoft Learn
• WebAuthn.io
• Redacting sensitive data in logs with Microsoft.Extensions.Compliance.Redaction
• mattnotmax/cyberchef-recipes: A list of cyber-chef recipes and curated links
• Hosts Search - Censys
• Article Listing | Datadog Security Labs
• docker scout | Docker Documentation
• BSides / FrontPage
• Introduction - Azure AD Workload Identity
• (3) Best Practices with Organizing Results in Snyk - YouTube
• inAppBrowser.com
• Security policies - Snyk User Docs
• Introduction - Azure AD Workload Identity
• A developer on my team accidentally published a repo under his personal account on BitBucket. It was public for 10 minutes. How worried should I be about the contents leaking? : r/sysadmin
• CL0P Seeds ^_- Gotta Catch Em All!
• Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365 - Black Hills Information Security
• Microsoft Azure Managed Identity Deep Dive - YouTube
• HackmichNet/AzTokenFinder
• idPowerToys
• C2 - Hak5 Cloud Command and Control
• Lab Guide - AKS Workload Managed Identity
• The Art of Digital Forensics Report Writing | LinkedIn
• synacktiv/nord-stream: Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.
• Introducing Aladdin - LRQA Nettitude Labs
• Google Cloud Cybersecurity Forecast 2024 - EMEA
• OWASP Top 10: Server Side Request Forger - Ep10
• Have Your Secrets Leaked? It’s time to find out! | GitGuardian
• HSMs Decoded: A Complete Guide to Hardware Security Modules and Their Deployment
• My NCSC Home - My NCSC
• Preparing for Quantum-Safe Cryptography - NCSC.GOV.UK
• How to build a strong identity foundation - Microsoft Security Blog
• Azure Tenant Security Solution (AzTS)
• The ISF is a leading authority on information security and risk management - Information Security Forum
• ovotech/gitoops: all paths lead to clouds
• Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege
• Token theft playbook | Microsoft Learn
• Is Your Peloton Attracting Security Threats? - Check Point Blog
• DevSecOps Lifecycle Coverage with Snyk | Dynatrace Hub
• Cybersecurity Framework | NIST
• How to Conduct Person of Interest Investigations Using OSINT & Maltego - Maltego
• CyberThreat
• IAM vs PAM vs PIM: The Difference Explained
• What’s new? Release notes - Microsoft Entra | Microsoft Learn
• Use Azure Functions to Remove Unauthorized Role Assignments - Microsoft Community Hub
• 10 ways SecOps can strengthen cybersecurity with ChatGPT | VentureBeat
• Rogue IT security worker who impersonated ransomware gang is sentenced to jail • Graham Cluley
• Shostack + Associates > Tabletop Security Games + Cards
• Azure DevOps agents on AKS with workload identity - DEV Community
• How managed identities for Azure resources work with Azure virtual machines - Microsoft Entra | Microsoft Learn
• Az Mask
• Introduction - Azure AD Workload Identity
• Taming Secrets Sprawl with Doppler and GitGuardian - YouTube
• TryHackMe | Cyber Security Training
• Free: Dastardly from Burp Suite | Blog - PortSwigger
• New Microsoft identity and data protection capabilities to accelerate CMMC compliance for the Defense Industrial Base | Microsoft Security Blog
• Microsoft identity platform and OAuth 2.0 authorization code flow - Microsoft Entra | Microsoft Learn
• GitHub repos bombarded by info-stealing commits masked as Dependabot
• NCSC Annual Review 2023 - NCSC.GOV.UK
• “EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts | by Guardio | Oct, 2023 | Medium
• Wiz | Secure Everything You Build and Run in the Cloud
• Detect threats using Microsoft Graph activity logs - Part 1 - Cloudbrothers
• x1trap/websec-answers: Websec interview questions by tib3rius answered
• What is a Configuration Management Database (CMDB)? - ServiceNow
• Quick Start - tfsec
• jwt-cli - npm
• Best Practices for Developer-Centric Application Security Testing - Bright Security
• Illustrated DPoP (OAuth Access Token Security Enhancement) | by Takahiko Kawasaki | Medium
• Securing Password Management Using AWS Nitro Enclaves with Dashlane | Case Study | AWS
• Corelight: Evidence-Based NDR and Threat Hunting Platform
• mTLS: When certificate authentication is done wrong - The GitHub Blog
• AZ-500: Microsoft Azure Security Technologies Study Guide
• Public Warning Solutions – Cell Broadcast and Beyond
• OpenYOLO for Android

Podcasts

• Cybersecurity History Podcast | Malicious Life

OSINT